Davy Durham wrote:
Hi, I'd like to know if something's possible using the openssl SSL library.
I have a server running use the OpenSSL library with a cert and private installed. Now the client code (also using the OpenSSL library) so far has just been connecting to the server and assuming that it's really talking to the server and not a man in the middle.
Is there a possible way that I can have the server's cert file with me on the client machine and use that to validate that I am in fact talking to the server that has the matching private key file?
[...] Of course there is, that's what SSL primarily is for... ;)
I'm sure there is some sample code for this in the samples for the OpenSSL-book (http://www.opensslbook.com/code.html). And if you want to get seriously involved with OpenSSL I really can recomment buying (and reading!) the book itself.
Hope it helps, Ted ;)
smime.p7s
Description: S/MIME Cryptographic Signature
